forms.office.com
Open in
urlscan Pro
13.107.6.194
Public Scan
Effective URL: https://forms.office.com/Pages/ResponsePage.aspx?id=KYNiKsJHJU6oc6hH8pYTcdVf92Nx1ypCujReJNEmPnhUME44Q1hJVDFXWUg4RldFS0dIU...
Submission: On January 17 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on July 20th 2022. Valid for: a year.
This is the only time forms.office.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 35.157.82.146 35.157.82.146 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 13.107.6.194 13.107.6.194 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
6 | 42.99.140.194 42.99.140.194 | 4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global) | |
8 | 3 |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-82-146.eu-central-1.compute.amazonaws.com
fal.cn |
ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-194.pacnet.net
cdn.forms.office.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
office.net
cdn.forms.office.net — Cisco Umbrella Rank: 8409 |
215 KB |
1 |
office.com
forms.office.com — Cisco Umbrella Rank: 5847 |
17 KB |
1 |
fal.cn
1 redirects
fal.cn — Cisco Umbrella Rank: 239696 |
603 B |
8 | 3 |
Domain | Requested by | |
---|---|---|
6 | cdn.forms.office.net |
forms.office.com
cdn.forms.office.net |
1 | forms.office.com |
forms.office.com
|
1 | fal.cn | 1 redirects |
8 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
forms.office.com Microsoft Azure TLS Issuing CA 02 |
2022-07-20 - 2023-07-15 |
a year | crt.sh |
cdn.forms.office.net Microsoft Azure TLS Issuing CA 06 |
2022-09-28 - 2023-09-23 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://forms.office.com/Pages/ResponsePage.aspx?id=KYNiKsJHJU6oc6hH8pYTcdVf92Nx1ypCujReJNEmPnhUME44Q1hJVDFXWUg4RldFS0dIUk0wUFhNVy4u&qrcode=true
Frame ID: 71E43D9275C71A132F1D45733CBA5B24
Requests: 8 HTTP requests in this frame
Screenshot
Page Title
Microsoft FormsPage URL History Show full URLs
-
https://fal.cn/3v1jh
HTTP 301
https://forms.office.com/Pages/ResponsePage.aspx?id=KYNiKsJHJU6oc6hH8pYTcdVf92Nx1ypCujReJNEmPnhUME44Q... Page URL
Detected technologies
Microsoft ASP.NET (Web Frameworks) ExpandDetected patterns
- \.aspx?(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://fal.cn/3v1jh
HTTP 301
https://forms.office.com/Pages/ResponsePage.aspx?id=KYNiKsJHJU6oc6hH8pYTcdVf92Nx1ypCujReJNEmPnhUME44Q1hJVDFXWUg4RldFS0dIUk0wUFhNVy4u&qrcode=true Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
ResponsePage.aspx
forms.office.com/Pages/ Redirect Chain
|
56 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ls-response.default.031fcb5bc.js
cdn.forms.office.net/forms/scripts/dists/ |
25 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.782054a.css
cdn.forms.office.net/forms/css/dist/ |
144 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.min.20ea671.js
cdn.forms.office.net/forms/scripts/dists/ |
305 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
runtimeFormsWithResponses('KYNiKsJHJU6oc6hH8pYTcdVf92Nx1ypCujReJNEmPnhUME44Q1hJVDFXWUg4RldFS0dIUk0wUFhNVy4u')
forms.office.com/formapi/api/2a628329-47c2-4e25-a873-a847f2961371/users/63f75fd5-d771-422a-ba34-5e24d1263e78/light/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_ext.c7de252.js
cdn.forms.office.net/forms/scripts/dists/ |
0 59 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_cover.138c4bd.js
cdn.forms.office.net/forms/scripts/dists/ |
0 34 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light-response-page.chunk.lrp_post.boot.96ffbd4.js
cdn.forms.office.net/forms/scripts/dists/ |
0 4 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- forms.office.com
- URL
- https://forms.office.com/formapi/api/2a628329-47c2-4e25-a873-a847f2961371/users/63f75fd5-d771-422a-ba34-5e24d1263e78/light/runtimeFormsWithResponses('KYNiKsJHJU6oc6hH8pYTcdVf92Nx1ypCujReJNEmPnhUME44Q1hJVDFXWUg4RldFS0dIUk0wUFhNVy4u')?$expand=questions($expand=choices)
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange string| formsInitialVisibility object| NavKeyPoints function| reloadNoCdn object| OfficeFormServerInfo object| FormPrefetchCache object| FormsLsMap function| setPublicPath function| replaceChunkSrc object| webpackChunk function| formsModuleResolveErrorCallback object| formClientApi object| formsLsPromiseMap1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
forms.office.com/ | Name: __RequestVerificationToken Value: AxdRowi2jidfmZFpkvHuwxGM38GSrcY5RkfYQjO_t-erxX64WlgUGo2kT5SIaGkw3BqW3pvYDvgtVHISiUZu4a2kzUmBpDYNbRNjZGPQ9lg1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=2592000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.forms.office.net
fal.cn
forms.office.com
forms.office.com
13.107.6.194
35.157.82.146
42.99.140.194
08ba09dac3da34e2a3798e4b18b991c1528fda8e5db0138e06507f5dadb6e50b
308c23aef72374a6557537625ee7fef2e8182d20a3e2977988e50b20377f2efc
79b795b668f495419b1287325ccbe791983c886ca5cb8a63bbce45763eb67c79
cf025efc1c4ea5b63c8d45635b64903d40e61829b919c3cf345c527b71386f7f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855